We have seen this on quite a few of client blogs, those of them who have not upgraded to WordPress 1.5 or higher. From the WordPress Dev. Blog: WordPress is secure:
There is news of a worm which uses a vulnerability in the PHPXMLRPC libraries to spread a computer virus. Some articles are pointing to out-of-date information claiming that WordPress 1.5 is vulnerable. That is incorrect. WordPress 1.5 or higher is safe. Since the release of version 1.5, WordPress has used a completely different XML-RPC library, called IXR.
So, everyone running 1.5 or higher can breathe a collective sigh of relief.
Those of you running 1.2.x or lower? /insert theme from Jaws here
How about if I insert the voice of Bruce from Nemo saying…
“Well. Helllooooooo.”
>:)
(p.s. they still had the cereal!! YAHOO!)
Can I pay you to upgrade me? :d